NotCVE - vendor:"Panasonic"

Page 7 of 44 results (0.003 seconds)

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-2131

https://notcve.org/view.php?id=CVE-2017-2131

Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors. Los dispositivos de seguridad y control Panasonic KX-HJB1000 con firmware GHX1YG 14.50 o HJB1000_4.47 permiten que un atacante omita las restricciones de acceso y vea el menú de configuración mediante vectores sin especificar. • http://www.securityfocus.com/bid/101581 https://jvn.jp/en/jp/JVN54795166 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-2133

https://notcve.org/view.php?id=CVE-2017-2133

SQL injection vulnerability in Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en dispositivos de seguridad y control Panasonic KX-HJB1000 con firmware GHX1YG 14.50 o HJB1000_4.47 permite que atacantes autenticados ejecuten comandos SQL arbitrarios mediante vectores sin especificar. • http://www.securityfocus.com/bid/101583 https://jvn.jp/en/jp/JVN54795166 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-2132

https://notcve.org/view.php?id=CVE-2017-2132

Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to delete arbitrary files in a specific directory via unspecified vectors. Dispositivos Panasonic KX-HJB1000 Home con firmware GHX1YG 14.50 o HJB1000_4.47 permiten que un atacante elimine archivos arbitrarios en un directorio específico mediante vectores sin especificar. • http://www.securityfocus.com/bid/101584 https://jvn.jp/en/jp/JVN54795166 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-5151

https://notcve.org/view.php?id=CVE-2017-5151

An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. A SQL Injection vulnerability has been identified, which may allow remote code execution. Ha sido descubierto un problema en VideoInsight Web Client versión 6.3.5.11 y versiones anteriores. Se ha identificado una vulnerabilidad de inyección SQL, que puede permitir la ejecución remota de código. • http://www.securityfocus.com/bid/95416 https://ics-cert.us-cert.gov/advisories/ICSA-17-012-02 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-4496 – Panasonic FPWIN Pro SCTASK Out-Of-Bounds Write Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-4496

Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, as demonstrated by an integer overflow. Panasonic FPWIN Pro 5.x hasta la versión 7.x en versiones anteriores a 7.130 permite a usuarios locales provocar una denegación de servicio (escritura fuera de límites) o posiblemente tener otro impacto no especificado desencadenando un valor de índice manipulado, según lo demostrado por un desbordamiento de entero. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic FPWIN Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of a project file. A specially-crafted project file will lead to the construction of an SCTASK object followed by writes to the object that are outside its bounds. • http://www.securityfocus.com/bid/90520 http://zerodayinitiative.com/advisories/ZDI-16-333 http://zerodayinitiative.com/advisories/ZDI-16-335 http://zerodayinitiative.com/advisories/ZDI-16-336 http://zerodayinitiative.com/advisories/ZDI-16-337 https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1...5 6 7 8 9